Thoughts confirmed: companies are scared of hackers

I’ve decided to test my theory I wrote about the other day. I believe that companies are scared as hell when it comes to hiring security personnel. They will have to rely on the fact that the people they hire to help their clients or themselves from being attacked by hackers/evil won’t turn against them and […]

Social Engineering Mindfuck: 7 ways to protect yourself

Sometimes I really can’t believe what you can pull off in large corporate or government organisations over here. Supplier doors that are wide open and give you direct access to the building (via the restaurant); patch cabinets that are open while nobody is in sight; trust-based employee systems; sticky-notes with corporate (login) information; unattended laptops, […]

“I am not going to get hacked”

Many years ago it used to be that most website hacking attempts were launched by sophisticated cybercriminals, or at the very least highly talented amateurs using complex methods and tools. While this meant such attacks could be more difficult to prevent – they were usually limited in number, and aimed towards larger corporations with very large […]

Plan your Hacking Strategy

Incident response is the art (and science) of responding to computer security-related breaches. Interestingly, most organizations I deal with don’t have a documented incident response plan. The last thing you want to do during and after a security breach is figure out the best approach for handling the situation.  It is an often overlooked component […]

Is your site vulnerable to Cross Site Scripting?

What is Cross site Scripting?Hackers are constantly experimenting with a wide repertoire of hacking techniques to compromise websites and web applications and make off with a treasure trove of sensitive data including credit card numbers, social security numbers and even medical records. Cross Site Scripting (also known as XSS or CSS) is generally believed to […]

How to check for Google hacking vulnerabilities

What is Google hacking? Google hacking is the term used when a hacker tries to find exploitable targets and sensitive data by using search engines. The Google Hacking Database (GHDB) is a database of queries that identify sensitive data. Although Google blocks some of the better known Google hacking queries, nothing stops a hacker from […]

Why you need security checks on your website

As many as 70% of web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists. The importance of Web Application Scanning Organizations need a Web application scanning solution that can scan for security loopholes in Web-based applications to prevent would-be hackers from gaining unauthorized […]